On 06/05/2015 06:53 AM, wei.l...@citrix.com wrote:
> * Alternate p2m: support multiple copies of host p2m (ok)
> - Ed White
>
Revised design doc should be posted early week of June 8th.
V2 of patch series should follow within a couple of weeks.
V2 is significantly changed base
This document describes a new capability for VM Introspection, Security and
Privacy in Xen. The new capability is called “altp2m” (short for Alternate p2m)
that is used to provide the ability for Xen to host alternate guest physical
memory domains for a specific guest-domain. This document descr
On 06/10/2015 12:43 AM, Jan Beulich wrote:
On 10.06.15 at 02:09, wrote:
>> Design
>> ==
>
> Reads all quite reasonable; just one minor remark:
>
>> - Core altp2m functionality
>>
>> A new altp2m type is added to the p2m types (in addition to the previous
>> hostp2m and nestedp2m types)
On 06/10/2015 11:23 AM, Andrew Cooper wrote:
> On 10/06/15 01:09, Ed White wrote:
>> This document describes a new capability for VM Introspection, Security and
>> Privacy in Xen. The new capability is called “altp2m” (short for Alternate
>> p2m) that is used to provide t
On 06/10/2015 04:09 PM, Andrew Cooper wrote:
> On 10/06/15 20:41, Ed White wrote:
>> On 06/10/2015 11:23 AM, Andrew Cooper wrote:
>>> On 10/06/15 01:09, Ed White wrote:
>>>> This document describes a new capability for VM Introspection, Security
>>>>
On 06/11/2015 05:06 AM, Tim Deegan wrote:
> At 00:09 +0100 on 11 Jun (1433981379), Andrew Cooper wrote:
>> On 10/06/15 20:41, Ed White wrote:
>>> On 06/10/2015 11:23 AM, Andrew Cooper wrote:
>>>> Also, hardware accelerated altp2m is mutually exclusive with EPT
On 06/11/2015 12:05 AM, Jan Beulich wrote:
On 10.06.15 at 18:39, wrote:
>> On 06/10/2015 12:43 AM, Jan Beulich wrote:
>> On 10.06.15 at 02:09, wrote:
Design
==
>>>
>>> Reads all quite reasonable; just one minor remark:
>>>
- Core altp2m functionality
A new al
port.
Not all of the patches will be of interest to everyone copied here. I've
copied everyone on this initial mailing to give context.
Ed White (10):
VMX: VMFUNC and #VE definitions and detection.
VMX: implement suppress #VE.
x86/HVM: Hardware alternate p2m support detection
The altp2mhvm and nestedhvm parameters are mutually
exclusive and cannot be set together.
Signed-off-by: Ed White
---
docs/man/xl.cfg.pod.5 | 12
tools/libxl/libxl_create.c | 1 +
tools/libxl/libxl_dom.c | 2 ++
tools/libxl/libxl_types.idl | 1 +
tools
Add a flag to indicate that a memory event occurred in an alternate p2m
and a field containing the p2m index. Allow the response to switch to
a different p2m using the same flag and field.
Modify p2m_access_check() to handle alternate p2m's.
Signed-off-by: Ed White
---
xen/arch/x86/mm/
From: Ravi Sahita
Signed-off-by: Ravi Sahita
---
xen/arch/x86/hvm/emulate.c | 13 +++--
xen/arch/x86/hvm/vmx/vmx.c | 30 ++
xen/arch/x86/x86_emulate/x86_emulate.c | 8
xen/arch/x86/x86_emulate/x86_emulate.h | 4
xen/inc
pointers are added to p2m_domain to allow direct
access to the extended routines.
Signed-off-by: Ed White
---
xen/arch/x86/mm/p2m-ept.c | 40 +---
xen/include/asm-x86/p2m.h | 13 +
2 files changed, 46 insertions(+), 7 deletions(-)
diff --git a/xen
Add the remaining routines required to support enabling the alternate
p2m functionality.
Signed-off-by: Ed White
---
xen/arch/x86/hvm/hvm.c | 60 +-
xen/arch/x86/mm/hap/Makefile| 1 +
xen/arch/x86/mm/hap/altp2m_hap.c| 103 +
xen/arch/x86/mm/p2m-ept.c
Signed-off-by: Ed White
---
xen/arch/x86/hvm/hvm.c | 216
xen/include/public/hvm/hvm_op.h | 69 +
2 files changed, 285 insertions(+)
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index b758ee1..b3e74ce 100644
--- a
Implement and hook up the code to enable VMX support of VMFUNC and #VE.
VMFUNC leaf 0 (EPTP switching) emulation is added in a later patch.
Signed-off-by: Ed White
---
xen/arch/x86/hvm/vmx/vmx.c | 132 +
1 file changed, 132 insertions(+)
diff --git
holding the host p2m lock.
Signed-off-by: Ed White
---
xen/arch/x86/hvm/Makefile | 2 +
xen/arch/x86/hvm/altp2mhvm.c| 82
xen/arch/x86/hvm/hvm.c | 21
xen/arch/x86/mm/hap/hap.c | 31 ++-
xen/arch/x86/mm/mm-lo
From: Ravi Sahita
Signed-off-by: Ravi Sahita
---
tools/flask/policy/policy/modules/xen/xen.if | 4 ++--
xen/arch/x86/hvm/hvm.c | 35
xen/include/xsm/dummy.h | 12 ++
xen/include/xsm/xsm.h| 1
As implemented here, only supported on platforms with VMX HAP.
By default this functionality is force-disabled, it can be enabled
by specifying altp2m=1 on the Xen command line.
Signed-off-by: Ed White
---
docs/misc/xen-command-line.markdown | 7 +++
xen/arch/x86/hvm/hvm.c
t EPT violations only
the hypervisor is able to handle the violation.
Signed-off-by: Ed White
---
xen/arch/x86/mm/p2m-ept.c | 25 -
1 file changed, 24 insertions(+), 1 deletion(-)
diff --git a/xen/arch/x86/mm/p2m-ept.c b/xen/arch/x86/mm/p2m-ept.c
index a6c9adf..5de3387 1
Currently, neither is enabled globally but may be enabled on a per-VCPU
basis by the altp2m code.
Remove the check for EPTE bit 63 == zero in ept_split_super_page(), as
that bit is now hardware-defined.
Signed-off-by: Ed White
---
xen/arch/x86/hvm/vmx/vmcs.c| 42
On 06/23/2015 11:15 AM, Lengyel, Tamas wrote:
> On Mon, Jun 22, 2015 at 2:56 PM, Ed White wrote:
>
>> Add the remaining routines required to support enabling the alternate
>> p2m functionality.
>>
>> Signed-off-by: Ed White
>> ---
>> xen/arch/x86/h
On 06/23/2015 02:27 PM, Lengyel, Tamas wrote:
>> Testability is still a potential issue. We have offered to make our
>> internal
>> Windows test binaries available for intra-domain testing. Tamas has
>> been working on toolstack support for cross-domain testing with a slightly
>> earlier patch seri
On 06/24/2015 06:37 AM, Razvan Cojocaru wrote:
> On 06/24/2015 04:32 PM, Lengyel, Tamas wrote:
>>
>>
>> On Wed, Jun 24, 2015 at 1:39 AM, Razvan Cojocaru
>> mailto:rcojoc...@bitdefender.com>> wrote:
>>
>> On 06/24/2015 12:27 AM, Lengyel, Tamas wrote:
>> > I've extended xen-access to exercise
On 06/24/2015 03:06 AM, Andrew Cooper wrote:
>> diff --git a/xen/arch/x86/mm/hap/hap.c b/xen/arch/x86/mm/hap/hap.c
>> index d0d3f1e..202aa42 100644
>> --- a/xen/arch/x86/mm/hap/hap.c
>> +++ b/xen/arch/x86/mm/hap/hap.c
>> @@ -459,7 +459,7 @@ void hap_domain_init(struct domain *d)
>> int hap_enable(
On 06/24/2015 04:59 AM, Andrew Cooper wrote:
>> +
>> +if ( !veinfo )
>> +return 0;
>> +
>> +if ( veinfo->semaphore != 0 )
>> +goto out;
>
> The semantics of this semaphore are not clearly spelled out in the
> manual. The only information I can locate concerning this field
On 06/24/2015 06:46 AM, Andrew Cooper wrote:
> On 22/06/15 19:56, Ed White wrote:
>> Add the remaining routines required to support enabling the alternate
>> p2m functionality.
>>
>> Signed-off-by: Ed White
>> ---
>> xen/arch/x86/hvm/hvm.c
On 06/24/2015 07:38 AM, Jan Beulich wrote:
On 22.06.15 at 20:56, wrote:
>> --- a/xen/include/asm-x86/p2m.h
>> +++ b/xen/include/asm-x86/p2m.h
>> @@ -237,6 +237,19 @@ struct p2m_domain {
>> p2m_access_t *p2ma,
>> p
On 06/24/2015 07:59 AM, Jan Beulich wrote:
On 22.06.15 at 20:56, wrote:
>> +case HVM_PARAM_ALTP2MHVM:
>> +if ( a.value > 1 )
>> +rc = -EINVAL;
>> +if ( a.value &&
>> + d->arch.hvm_domain.params[HVM_PARAM_NESTEDHVM] )
>> +rc = -EINVAL;
>>
On 06/24/2015 09:01 AM, Lengyel, Tamas wrote:
> On Mon, Jun 22, 2015 at 2:56 PM, Ed White wrote:
>
>> Add a flag to indicate that a memory event occurred in an alternate p2m
>> and a field containing the p2m index. Allow the response to switch to
>> a different p2m using
On 06/24/2015 09:15 AM, Lengyel, Tamas wrote:
>> +bool_t p2m_set_altp2m_mem_access(struct domain *d, uint16_t idx,
>> + unsigned long pfn, xenmem_access_t
>> access)
>> +{
>>
>
> This function IMHO should be merged with p2m_set_mem_access and should be
> triggerable
On 06/24/2015 05:47 AM, Andrew Cooper wrote:
>> +case EXIT_REASON_VMFUNC:
>> +if ( vmx_vmfunc_intercept(regs) == X86EMUL_OKAY )
>
> This is currently an unconditional failure, and I don't see subsequent
> patches which alter vmx_vmfunc_intercept(). Shouldn't
> vmx_vmfunc_intercept() s
On 06/24/2015 02:34 PM, Lengyel, Tamas wrote:
> Hi Ed,
> I tried the system using memsharing and I collected the following crash
> log. In this test I ran memsharing on all pages of the domain before
> activating altp2m and creating the view. Afterwards I used my updated
> xen-access to create a co
On 06/24/2015 03:45 PM, Lengyel, Tamas wrote:
> On Wed, Jun 24, 2015 at 6:02 PM, Ed White wrote:
>
>> On 06/24/2015 02:34 PM, Lengyel, Tamas wrote:
>>> Hi Ed,
>>> I tried the system using memsharing and I collected the following crash
>>> log. In this te
On 06/25/2015 01:52 AM, Ian Campbell wrote:
> On Wed, 2015-06-24 at 11:06 -0700, Ed White wrote:
>> I think we should vote on this.
>
> In general we vote on things only when there has been a failure to reach
> consensus. Unless there has been some prior discussion around this i
On 06/24/2015 07:44 PM, Lengyel, Tamas wrote:
>> +if ( altp2m_active )
>> +{
>> +if ( altp2mhvm_hap_nested_page_fault(v, gpa, gla, npfec, &p2m) ==
>> 1 )
>> +{
>> +/* entry was lazily copied from host -- retry */
>>
>
> So I'm not fully following this logic here
On 06/25/2015 01:12 AM, Jan Beulich wrote:
On 24.06.15 at 19:53, wrote:
>> On 06/24/2015 07:38 AM, Jan Beulich wrote:
>> On 22.06.15 at 20:56, wrote:
--- a/xen/include/asm-x86/p2m.h
+++ b/xen/include/asm-x86/p2m.h
@@ -237,6 +237,19 @@ struct p2m_domain {
On 06/25/2015 02:00 AM, Andrew Cooper wrote:
> On 24/06/15 23:55, Ed White wrote:
>> On 06/24/2015 03:45 PM, Lengyel, Tamas wrote:
>>> On Wed, Jun 24, 2015 at 6:02 PM, Ed White wrote:
>>>
>>>> On 06/24/2015 02:34 PM, Lengyel, Tamas wrote:
>>>>>
On 06/25/2015 06:40 AM, Razvan Cojocaru wrote:
> On 06/25/2015 03:44 PM, Lengyel, Tamas wrote:
>> On Wed, Jun 24, 2015 at 2:06 PM, Ed White > <mailto:edmund.h.wh...@intel.com>> wrote:
>> On 06/24/2015 09:15 AM, Lengyel, Tamas wrote:
>> >> +bool_t p2m
On 06/25/2015 10:42 AM, Lengyel, Tamas wrote:
> On Thu, Jun 25, 2015 at 12:31 PM, Ed White wrote:
>
>> On 06/24/2015 07:44 PM, Lengyel, Tamas wrote:
>>>> +if ( altp2m_active )
>>>> +{
>>>> +if ( altp2mhvm_hap_nested_p
On 06/25/2015 10:29 AM, Lengyel, Tamas wrote:
>>
>> I plan to fix the bug, such that unshare will always occur before a copy.
>> I don't plan to make the altp2m's able to have shared pages.
>>
>> Ed
>>
>
> For now that is of course fine, memsharing is experimental and that's what
> I meant above.
On 06/25/2015 11:23 AM, Lengyel, Tamas wrote:
> On Thu, Jun 25, 2015 at 12:48 PM, Ed White wrote:
>
>> On 06/25/2015 06:40 AM, Razvan Cojocaru wrote:
>>> On 06/25/2015 03:44 PM, Lengyel, Tamas wrote:
>>>> On Wed, Jun 24, 2015 at 2:06 PM, Ed White >>>
On 06/25/2015 03:45 PM, Lengyel, Tamas wrote:
> On Thu, Jun 25, 2015 at 4:46 PM, Ed White wrote:
>
>> On 06/25/2015 11:23 AM, Lengyel, Tamas wrote:
>>> On Thu, Jun 25, 2015 at 12:48 PM, Ed White
>> wrote:
>>>
>>>> On 06/25/2015 06:40 AM, Raz
On 06/25/2015 11:04 PM, Jan Beulich wrote:
On 25.06.15 at 18:36, wrote:
>> On 06/25/2015 01:12 AM, Jan Beulich wrote:
>> On 24.06.15 at 19:53, wrote:
On 06/24/2015 07:38 AM, Jan Beulich wrote:
On 22.06.15 at 20:56, wrote:
>> --- a/xen/include/asm-x86/p2m.h
>> +++ b
On 06/24/2015 11:19 AM, Andrew Cooper wrote:
> On 24/06/15 18:47, Ed White wrote:
>>>> This looks like some hoop jumping around the assertions in
>>>> domain_pause() and vcpu_pause().
>>>>
>>>> We should probably have some new helpers where th
On 06/26/2015 12:24 PM, Daniel De Graaf wrote:
> On 06/22/2015 02:56 PM, Ed White wrote:
>> From: Ravi Sahita
>>
>> Signed-off-by: Ravi Sahita
>
> One comment, below.
>
> [...]
>> diff --git a/tools/flask/policy/policy/modules/xen/xen.if
>> b
On 06/24/2015 03:29 AM, Andrew Cooper wrote:
> On 22/06/15 19:56, Ed White wrote:
>> diff --git a/xen/include/asm-x86/hvm/vcpu.h b/xen/include/asm-x86/hvm/vcpu.h
>> index 3d8f4dc..a1529c0 100644
>> --- a/xen/include/asm-x86/hvm/vcpu.h
>> +++ b/xen/include/asm-x86/hvm/
On 06/26/2015 02:17 PM, Ed White wrote:
> On 06/24/2015 03:29 AM, Andrew Cooper wrote:
>> On 22/06/15 19:56, Ed White wrote:
>>> diff --git a/xen/include/asm-x86/hvm/vcpu.h b/xen/include/asm-x86/hvm/vcpu.h
>>> index 3d8f4dc..a1529c0 100644
>>> --- a/xen/incl
On 06/29/2015 08:03 AM, George Dunlap wrote:
> On Mon, Jun 29, 2015 at 3:31 PM, Andrew Cooper
> wrote:
>> On 29/06/15 15:20, George Dunlap wrote:
>>> On Mon, Jun 22, 2015 at 7:56 PM, Ed White wrote:
>>>> In preparation for selectively enabling #VE in a later pa
On 06/29/2015 06:00 AM, Andrew Cooper wrote:
> On 26/06/15 22:17, Ed White wrote:
>> On 06/24/2015 03:29 AM, Andrew Cooper wrote:
>>> On 22/06/15 19:56, Ed White wrote:
>>>> diff --git a/xen/include/asm-x86/hvm/vcpu.h
>>>> b/xen/include/asm-x86/hvm
On 06/29/2015 06:03 AM, Andrew Cooper wrote:
> On 26/06/15 17:30, Ed White wrote:
>> On 06/24/2015 11:19 AM, Andrew Cooper wrote:
>>> On 24/06/15 18:47, Ed White wrote:
>>>>>> This looks like some hoop jumping around the assertions in
>>>>>> do
Currently, neither is enabled globally but may be enabled on a per-VCPU
basis by the altp2m code.
Remove the check for EPTE bit 63 == zero in ept_split_super_page(), as
that bit is now hardware-defined.
Signed-off-by: Ed White
Reviewed-by: Andrew Cooper
---
xen/arch/x86/hvm/vmx/vmcs.c
From: Andrew Cooper
For use on codepaths which would need to use domain_pause() but might be in
the target domain's context. In the case that the target domain is in
context, all other vcpus are paused.
Signed-off-by: Andrew Cooper
---
xen/common/domain.c | 28
As implemented here, only supported on platforms with VMX HAP.
By default this functionality is force-disabled, it can be enabled
by specifying altp2m=1 on the Xen command line.
Signed-off-by: Ed White
Reviewed-by: Andrew Cooper
---
docs/misc/xen-command-line.markdown | 7 +++
xen/arch
Implement and hook up the code to enable VMX support of VMFUNC and #VE.
VMFUNC leaf 0 (EPTP switching) emulation is added in a later patch.
Signed-off-by: Ed White
---
xen/arch/x86/hvm/vmx/vmx.c | 138 +
1 file changed, 138 insertions(+)
diff --git
From: Ravi Sahita
Signed-off-by: Ravi Sahita
---
xen/arch/x86/hvm/emulate.c | 12 +++--
xen/arch/x86/hvm/vmx/vmx.c | 30 +
xen/arch/x86/x86_emulate/x86_emulate.c | 48 +-
xen/arch/x86/x86_emulate/x86_emulate.h | 4
t support.
Not all of the patches will be of interest to everyone copied here. I've
copied everyone on this initial mailing to give context.
Andrew Cooper (1):
common/domain: Helpers to pause a domain while in context
Ed White (10):
VMX: VMFUNC and #VE definitions and detection.
t EPT violations only
the hypervisor is able to handle the violation.
Signed-off-by: Ed White
Reviewed-by: Andrew Cooper
---
xen/arch/x86/mm/p2m-ept.c | 26 +-
1 file changed, 25 insertions(+), 1 deletion(-)
diff --git a/xen/arch/x86/mm/p2m-ept.c b/xen/arch/x86/mm/p2m-
holding the host p2m lock.
Signed-off-by: Ed White
---
xen/arch/x86/hvm/Makefile| 1 +
xen/arch/x86/hvm/altp2m.c| 92 +
xen/arch/x86/hvm/hvm.c | 21 +
xen/arch/x86/mm/hap/hap.c| 31 -
xen/arch/x86/mm/m
Signed-off-by: Ed White
---
xen/arch/x86/hvm/hvm.c | 201
xen/include/public/hvm/hvm_op.h | 69 ++
2 files changed, 270 insertions(+)
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index d2d90c8..0d81050 100644
--- a
pointers are added to p2m_domain to allow direct
access to the extended routines.
Signed-off-by: Ed White
---
xen/arch/x86/mm/p2m-ept.c | 40 +---
xen/include/asm-x86/p2m.h | 13 +
2 files changed, 46 insertions(+), 7 deletions(-)
diff --git a/xen
Add a flag to indicate that a memory event occurred in an alternate p2m
and a field containing the p2m index. Allow any event response to switch
to a different alternate p2m using the same flag and field.
Modify p2m_memory_access_check() to handle alternate p2m's.
Signed-off-by: Ed
Add the remaining routines required to support enabling the alternate
p2m functionality.
Signed-off-by: Ed White
---
xen/arch/x86/hvm/hvm.c | 58 +-
xen/arch/x86/mm/hap/Makefile | 1 +
xen/arch/x86/mm/hap/altp2m_hap.c | 98 ++
xen/arch/x86/mm/p2m-ept.c| 3
From: Ravi Sahita
Signed-off-by: Ravi Sahita
---
tools/flask/policy/policy/modules/xen/xen.if | 4 +-
xen/arch/x86/hvm/hvm.c | 118 ---
xen/include/xsm/dummy.h | 12 +++
xen/include/xsm/xsm.h| 12 +++
The altp2mhvm and nestedhvm parameters are mutually
exclusive and cannot be set together.
Signed-off-by: Ed White
---
docs/man/xl.cfg.pod.5 | 12
tools/libxl/libxl_create.c | 1 +
tools/libxl/libxl_dom.c | 2 ++
tools/libxl/libxl_types.idl | 1 +
tools
On 07/03/2015 09:22 AM, Andrew Cooper wrote:
> On 01/07/15 19:09, Ed White wrote:
>> Add the basic data structures needed to support alternate p2m's and
>> the functions to initialise them and tear them down.
>>
>> Although Intel hardware can handle 512 EPTP'
On 07/06/2015 03:09 AM, Andrew Cooper wrote:
> On 01/07/15 19:09, Ed White wrote:
>> Signed-off-by: Ed White
>
> I am still very much unconvinced by the argument against having a single
> HVMOP_altp2m and a set of subops. do_domctl() and do_sysctl() are
> examples of a
On 07/06/2015 02:56 AM, Jan Beulich wrote:
>>>> On 03.07.15 at 18:22, wrote:
>> On 01/07/15 19:09, Ed White wrote:
>>> Add the basic data structures needed to support alternate p2m's and
>>> the functions to initialise them and tear them down.
>>>
On 07/06/2015 10:12 AM, George Dunlap wrote:
> On Fri, Jun 26, 2015 at 5:27 PM, Ed White wrote:
>> On 06/25/2015 11:04 PM, Jan Beulich wrote:
>>>>>> On 25.06.15 at 18:36, wrote:
>>>> On 06/25/2015 01:12 AM, Jan Beulich wrote:
>>>>>>>>
On 07/06/2015 10:49 AM, Wei Liu wrote:
>> diff --git a/tools/libxl/libxl_types.idl b/tools/libxl/libxl_types.idl
>> index 23f27d4..66a89cf 100644
>> --- a/tools/libxl/libxl_types.idl
>> +++ b/tools/libxl/libxl_types.idl
>> @@ -437,6 +437,7 @@ libxl_domain_build_info = Struct("domain_build_info",[
>
On 07/06/2015 10:08 AM, Ian Jackson wrote:
> Ed White writes ("Re: [Xen-devel] [PATCH v3 11/13] x86/altp2m: define and
> implement alternate p2m HVMOP types."):
>> On 07/06/2015 03:09 AM, Andrew Cooper wrote:
>>> I am still very much unconvinced by the a
On 07/06/2015 11:29 AM, George Dunlap wrote:
> On 07/06/2015 06:35 PM, Ed White wrote:
>> On 07/06/2015 10:12 AM, George Dunlap wrote:
>>> On Fri, Jun 26, 2015 at 5:27 PM, Ed White wrote:
>>>> On 06/25/2015 11:04 PM, Jan Beulich wrote:
>>>>>>>>
On 07/06/2015 11:18 AM, Wei Liu wrote:
> On Mon, Jul 06, 2015 at 11:01:27AM -0700, Ed White wrote:
>> On 07/06/2015 10:49 AM, Wei Liu wrote:
>>>> diff --git a/tools/libxl/libxl_types.idl b/tools/libxl/libxl_types.idl
>>>> index 23f27d4..66a89cf 100644
>>
On 07/07/2015 08:22 AM, Tim Deegan wrote:
> At 16:04 +0100 on 07 Jul (1436285059), George Dunlap wrote:
>> On 07/01/2015 07:09 PM, Ed White wrote:
>>> diff --git a/xen/arch/x86/mm/mm-locks.h b/xen/arch/x86/mm/mm-locks.h
>>> index b4f035e..301ca59 100644
>>>
On 07/07/2015 03:10 AM, George Dunlap wrote:
> On 07/06/2015 07:43 PM, Ed White wrote:
>>> Introducing yet another layer -- particularly in a hooked interface like
>>> this -- just seems clunky. It's not the worst thing in the world; if I
>>> thought this would
t EPT violations only
the hypervisor is able to handle the violation.
Signed-off-by: Ed White
Reviewed-by: Andrew Cooper
Reviewed-by: George Dunlap
Acked-by: Jun Nakajima
---
xen/arch/x86/mm/p2m-ept.c | 26 +-
1 file changed, 25 insertions(+), 1 deletion(-)
diff --git
From: Andrew Cooper
For use on codepaths which would need to use domain_pause() but might be in
the target domain's context. In the case that the target domain is in
context, all other vcpus are paused.
Signed-off-by: Andrew Cooper
---
xen/common/domain.c | 28
domain testing with a slightly
earlier patch series, and we hope he will submit that support.
Not all of the patches will be of interest to everyone copied here. I've
copied everyone on this initial mailing to give context.
Andrew Cooper (1):
common/domain: Helpers to pause a domain whil
Currently, neither is enabled globally but may be enabled on a per-VCPU
basis by the altp2m code.
Remove the check for EPTE bit 63 == zero in ept_split_super_page(), as
that bit is now hardware-defined.
Signed-off-by: Ed White
Reviewed-by: Andrew Cooper
Acked-by: George Dunlap
Acked-by: Jun
As implemented here, only supported on platforms with VMX HAP.
By default this functionality is force-disabled, it can be enabled
by specifying altp2m=1 on the Xen command line.
Signed-off-by: Ed White
Reviewed-by: Andrew Cooper
---
docs/misc/xen-command-line.markdown | 7 +++
xen/arch
Implement and hook up the code to enable VMX support of VMFUNC and #VE.
VMFUNC leaf 0 (EPTP switching) emulation is added in a later patch.
Signed-off-by: Ed White
Reviewed-by: Andrew Cooper
Acked-by: Jun Nakajima
---
xen/arch/x86/hvm/vmx/vmx.c | 138
holding the host p2m lock.
Signed-off-by: Ed White
Reviewed-by: Andrew Cooper
---
xen/arch/x86/hvm/Makefile| 1 +
xen/arch/x86/hvm/altp2m.c| 92 +
xen/arch/x86/hvm/hvm.c | 21 +
xen/arch/x86/mm/hap/hap.c| 32 ++
From: Ravi Sahita
Signed-off-by: Ravi Sahita
---
xen/arch/x86/hvm/emulate.c | 19 +--
xen/arch/x86/hvm/vmx/vmx.c | 29 +
xen/arch/x86/x86_emulate/x86_emulate.c | 20 +++-
xen/arch/x86/x86_emulate/x86_emulate.h |
From: George Dunlap
The existing ept_set_entry() and ept_get_entry() routines are extended
to optionally set/get suppress_ve. Passing -1 will set suppress_ve on
new p2m entries, or retain suppress_ve flag on existing entries.
Signed-off-by: George Dunlap
---
xen/arch/x86/mm/mem_sharing.c | 5
Add the remaining routines required to support enabling the alternate
p2m functionality.
Signed-off-by: Ed White
Reviewed-by: Andrew Cooper
---
xen/arch/x86/hvm/hvm.c | 58 +-
xen/arch/x86/mm/hap/Makefile | 1 +
xen/arch/x86/mm/hap/altp2m_hap.c | 98 ++
xen/arch
Add a flag to indicate that a memory event occurred in an alternate p2m
and a field containing the p2m index. Allow any event response to switch
to a different alternate p2m using the same flag and field.
Modify p2m_mem_access_check() to handle alternate p2m's.
Signed-off-by: Ed White
Ack
Signed-off-by: Ed White
---
xen/arch/x86/hvm/hvm.c | 138
xen/include/public/hvm/hvm_op.h | 82
2 files changed, 220 insertions(+)
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index bda6c1e..23cd507
From: Ravi Sahita
Signed-off-by: Ravi Sahita
Acked-by: Daniel De Graaf
---
tools/flask/policy/policy/modules/xen/xen.if | 4 ++--
xen/arch/x86/hvm/hvm.c | 6 ++
xen/include/xsm/dummy.h | 12
xen/include/xsm/xsm.h
The altp2mhvm and nestedhvm parameters are mutually
exclusive and cannot be set together.
Signed-off-by: Ed White
Reviewed-by: Andrew Cooper for the hypervisor bits.
---
docs/man/xl.cfg.pod.5 | 12
tools/libxl/libxl.h | 6 ++
tools/libxl/libxl_create.c
From: Tamas K Lengyel
Wrappers to issue altp2m hvmops.
Signed-off-by: Tamas K Lengyel
Signed-off-by: Ravi Sahita
---
tools/libxc/Makefile | 1 +
tools/libxc/include/xenctrl.h | 21
tools/libxc/xc_altp2m.c | 237 ++
3 files changed
From: Tamas K Lengyel
Working altp2m test-case. Extended the test tool to support singlestepping
to better highlight the core feature of altp2m view switching.
Signed-off-by: Tamas K Lengyel
Signed-off-by: Ed White
---
tools/tests/xen-access/xen-access.c | 173
> == Hypervisor ==
>
> * Alternate p2m: support multiple copies of host p2m (ok)
> - Ed White
>
I'm hoping to see some progress on getting this restarted
in the next 2 or 3 weeks, with additional Intel resources.
Ed
>>
>> Is there any chance you might reconsider your decision not to help
>> with toolstack support of the patch series? I'm still trying to find
>> an internal resource to do that work, but right now it's the biggest
>> risk I see to getting the series into 4.6.
>
> My comment regarding hesitation
On 01/15/2015 10:46 AM, Ed White wrote:
> On 01/15/2015 08:25 AM, Tim Deegan wrote:
>> Hi,
>>
>> At 13:26 -0800 on 09 Jan (1420806392), Ed White wrote:
>>> static inline bool_t is_epte_valid(ept_entry_t *e)
>>> {
>>> -return (e->epte !=
>>
>> The second thing is how similar some of this is to nested p2m code,
>> making me wonder whether it could share more code with that. It's not
>> as much duplication as I had feared, but e.g. altp2m_write_p2m_entry()
>> is _identical_ to nestedp2m_write_p2m_entry(), (making the
>> copyright cl
>>> diff --git a/xen/arch/x86/mm/hap/hap.c b/xen/arch/x86/mm/hap/hap.c
>>> index abf3d7a..8fe0650 100644
>>> --- a/xen/arch/x86/mm/hap/hap.c
>>> +++ b/xen/arch/x86/mm/hap/hap.c
>>> @@ -439,7 +439,7 @@ void hap_domain_init(struct domain *d)
>>> int hap_enable(struct domain *d, u32 mode)
>>> {
>>>
On 03/26/2015 03:48 AM, Tim Deegan wrote:
> At 13:59 -0700 on 25 Mar (1427291983), Ed White wrote:
>>>>> diff --git a/xen/arch/x86/mm/hap/hap.c b/xen/arch/x86/mm/hap/hap.c
>>>>> index abf3d7a..8fe0650 100644
>>>>> --- a/xen/arch/x86/mm
I didn't receive the original message, so I can't reply to it directly.
> Hi all
>
> We are now one month into 4.6 development window. This is an email to keep
> track of all the patch series I gathered. It is by no means complete and / or
> accurate. Feel free to reply to this email with new project
On 03/04/2015 03:06 PM, Tamas K Lengyel wrote:
>> Right. The key observation is that at any single point in time, a given
>> hardware thread can be fetching an instruction or reading data, but not
>> both.
>
> Fine, as long as an instruction reading itself isn't going to lead to
tive. It is also not compatible with migration. It should be
considered experimental.
Ed White (11):
VMX: VMFUNC and #VE definitions and detection.
VMX: implement suppress #VE.
x86/HVM: Hardware alternate p2m support detection.
x86/MM: Improve p2m type checks.
x86/altp2m: basic data struct
, the alternate p2m nested page fault handler can safely
ignore log-dirty and leave it to be handled in the host p2m nested page
fault handler.
Signed-off-by: Ed White
---
xen/arch/x86/hvm/hvm.c | 4 +++-
xen/arch/x86/mm/p2m.c| 4
xen/arch/x86/mm/paging.c | 5 -
3 files changed, 7 i